NextGig Systems, Inc. - Network Connectivity & Test Solutions

Palo Alto Networks' Next-Generation Firewalls - Botnet Protection

Identifying & Controlling Botnets

Protecting the network from botnets is challenging due to the efforts that malware authors put into keeping botnets and their propagation a secret. Protecting the network from botnet infestation is accomplished using a combination of elements including application identification, threat signatures and visibility into unusual traffic patterns.

Questions? Call  1-805-277-2400

Controls applications used for botnet propagation and command and control.

Organizations can use the application control enabled by App-ID to deploy firewall policies that control those applications that may be used by botnets as propagation channels or for command and control. Examples include:

Block P2P and IM applications such as MSN which have been known to propagate botnets.

Block known botnet command and control applications (e.g., IRC)

Control, inspect and monitor those applications that are emerging as command and control channels (Twitter, Gmail, Google Docs).


Prevents the propagation of known botnets.

The threat prevention engine can identify and block a wide range of known botnets such as Dark Energy and Rustock with new botnet signatures are added regularly via the weekly content updates.

Quickly determine which machines may be bot infected.

Using a range of datapoints including unknown applications, IRC traffic, malware sites, dynamic DNS, and newly created domains is analyzed with the results displaying the list of potentially infected hosts that can be investigated as members of a botnet.

For more information, pricing, demonstration or evaluation on Palo Alto Networks Products please contact us here.